What is a CIS benchmark?

More context

CIS benchmarks are developed through community consensus, with security practitioners contributing recommended settings that are then reviewed and ratified by CIS. As of 2025, there are over 100 published benchmarks covering operating systems, cloud platforms, container orchestration, databases, applications, and mobile devices.

Each control in a benchmark includes the recommended setting, the rationale (why this matters), the impact (what changes for users or operators), and audit/remediation procedures. This makes benchmarks usable both as a hardening guide and as an audit reference.